On Wed 22/Mar/2023 20:31:51 +0100 Michael Thomas wrote:
On 3/21/23 8:01 PM, Murray S. Kucherawy wrote:
1. What percent of incoming email to a mailbox is through
resenders and of that what percent resign?
By "resign" you mean something that has signatures from two domains,
correct? If so, how could one tell whether the originating operator did or
did not attach one or more of them?
As in a mailing list makes a breaking change but resigns it with its own
domain. The mailing could obviously sign their auth-res which if they have a
good reputation the receiver might trust as a reasonable proxy.
That's reinventing ARC!
On Fri 10/Feb/2023 20:09:16 +0100 Michael Thomas wrote:
Again, drop the reference to ARC. it is: 1) Experimental, 2) the claim about
it is wrong (DKIM can already sign a previous auth-res), and 3) this is the
DKIM wg and it holds no power to make changes in it anyway.
I too used to be very skeptic about ARC (mainly because of the conjectured
assumption that ARC sealers can be trusted based on an available reputation
database, which skews usability toward global providers). I changed my mind.
As a special flavor of DKIM designed around forwarding, ARC can bring real
means to solving this problem. Indeed, signing or sealing the messages to be
forwarded can uncover the intent and the maker of the forwarding.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
